The Host Unknown Podcast - Episode 200 - The Bicentennial men Episode
Episode Date: September 2, 2024

This week in InfoSec (07:42)
With content liberated from the “today in infosec” twitter account and further afield

29th August 1990: The UK's Computer Misuse Act 1990 went into effect, introducing... 3 criminal offences related to unauthorised access and modification of "computer material".
https://twitter.com/todayininfosec/status/1829252932178719161

27th August 1999: One of the first companies to offer a dedicated web application firewall (WAF) was Perfecto Technologies with its AppShield product. But it didn't use the terminology "WAF", instead describing it as "a plug and play Internet application security solution."
https://twitter.com/todayininfosec/status/1828483993001492969

Rant of the Week (13:25)
Watchdog warns FBI is sloppy on secure data storage and destruction

The FBI has made serious slip-ups in how it processes and destroys electronic storage media seized as part of investigations, according to an audit by the Department of Justice Office of the Inspector General.

Drives containing national security data, Foreign Intelligence Surveillance Act information and documents classified as Secret were routinely unlabeled, opening the potential for it to be either lost or stolen, the report [PDF] addressed to FBI Director Christopher Wray states.

Ironically, this lack of identification might be considered a benefit, given the lax security at the FBI's facility used to destroy such media after they have been finished with.

The OIG report notes that it found boxes of hard drives and removable storage sitting open and unattended for "days or even weeks" because they were only sealed once the boxes were full. This potentially allows any of the 395 staff and contractors with access to the facility to have a rummage around.

Billy Big Balls of the Week (22:01)
Deadbeat dad faked his own death by hacking government databases

A US man has been sentenced to 81 months in jail for faking his own death by hacking government systems and officially marking himself as deceased.

The US Department of Justice on Tuesday detailed the case of Jesse Kipf, 39, who was sent down for computer fraud and aggravated identity theft.

In January 2023, Kipf used the credentials of a physician to access Hawaii's Death Registry System and create a "case" that recorded his own death.

"Kipf then completed a State of Hawaii Death Certificate Worksheet, assigned himself as the medical certifier for the case and certified his death, using the digital signature of the doctor," the DoJ wrote. The paperwork was all correct, so many government databases listed Kipf as deceased.

But he was very much alive and enjoying the fact that his "death" meant he didn't have to make child support payments or catch up on those he'd already missed. Evidence presented in court included internet search histories recorded on a laptop, with Kipf looking up terms including "Remove California child support for deceased."

Industry News (28:13)
Uber Hit With €290m GDPR Fine
FBI Flawed Data Handling Raises Security Concerns
Microsoft 365 Copilot Vulnerability Exposes User Data Risks
Money Laundering Dominates UK Fraud Cases
Ransomware Attacks Exposed 6.7 Million Records in US Schools
IT Engineer Charged For Attempting to Extort Former Employer
Surge in New Scams as Pig Butchering Dominates
Unpatched CCTV Cameras Exploited to Spread Mirai Variant
North Korean Hackers Launch New Wave of npm Package Attacks

Tweet of the Week (36:20)
https://x.com/fesshole/status/1828921760147767400

Come on! Like and bloody well subscribe!
Transcript
I had no idea what that reference was from.
No. Well, that's madness, come on.
Yeah.
It's madness you don't know that.
Literally, yeah, Suggs and Co.
Indeed.
Well, we finally got together to record since Andy failed to turn up this morning.
So I, well, unfortunately I just had some work that got in the way, unfortunately.
Oh my God.
How inconsiderate.
The day job.
Sounds like you need a new job, mate.
You're listening to the Host Unknown Podcast.
Hello, hello, hello. Good morning, good afternoon, good evening, and welcome, welcome one and all, welcome dear listener, to episode...
204!
200 of the Host Unknown podcast!
You go and ruin it every time, for goodness sake!
Oh, dear me!
What's the big deal? We had our 200th episode four episodes ago.
All I know is that when we had a 200th episode, Andy gave me cake, and now Tom's gonna give me
cake. Yeah, cake. Cake. Oh yeah, he rocked up at your door. No, you rocked up at his door.
Right, well, if you rock up at my door, I'll get you some cake. Fine. I've got my new helmet.
I'm going to rock up there soon.
Your death trap helmet.
So just for the listeners, you've been on a bit of an AliExpress addiction.
I have.
I completely held off AliExpress for many, many years.
And then a few weeks ago, in my boredom as I was in the States
on my holiday, I downloaded the app and, oh my God, they, they trick you and trap you by offering you
amazing things for like a couple of quid. They switch and bait though, don't they? Or bait and
switch, even. No, no, it's exactly what they describe. They don't, no, it's not, it's, they don't. It is. Yeah,
the quality is absolutely not there. But it is exactly what they describe. It is. No, honestly, I've
got this mouse mat, desk mouse mat now, only about two pound fifty, and it is brilliant. It is actually
really good quality. Does it look like it's worth two pound fifty? No, it looks like it's worth a lot
more. Let's have a look. Point it up with the point of the camera, which is perfect for a podcast. My
keyboard's on and my mouse is on it and everything. Oh, is it one of those big ones? It's a big one, yeah.
Okay. Does it, uh, does it look shiny because it's got like the sweat of like nine-year-old
laborers? I hope so. Uh, no, this one more than ten times the cost of yours.
Quality, mate.
That looks like a tablet upside down.
It's called Moonimal,
and it's specifically designed for Apple Mices.
Of course.
So you've got a jam that would just buy any cheap shit off AliExpress.
But, Tom, if you say it's explicitly for Apple, you sold. Fuck yeah. Fuck yeah, it's good quality. It's good quality. I've got
four of them. I've got, I've got, like, these two, like, um, valve caps for, for my bike, in red caps.
I've got, like, uh, did you buy them from AliExpress as well? There's a Raspberry Pi
I've got to figure out how to... That's a Pi Zero?
Yeah.
What were you thinking about 22 days ago when you ordered those?
I have no idea.
I have no idea.
I've got some...
I'll tell you what I need is some valve caps and a small computer with no monitor output.
Hey, look, you know, it's like if the item's there for the taking, you take it.
If not, you resell them on eBay. That's how it works.
Well, I guess now you can run your own business again.
You might as well set up an eBay business, resell in AliExpress.
One step at a time.
So, talking about cheap and disappointing finds, uh, Andy, how are you? Not too bad. It's, it's been one of those weeks where
I just don't know where I've been. I've been up and down, I've been all over the place. I'm just
between the kitchen and the office. Between the kitchen fridge and the
snack cupboard. Yeah, exactly. I have been, uh, I have been absolutely binging on food. I need to, uh, have
you get that back under control. All right, you know, I tried a plant-based diet. It's, uh, it didn't work
out for me. No? No, I ended up buying meat to put with every meal. A plant-based diet plus meat? Yeah. Right, okay. It was, uh, so basically
I'm getting my, like, three, three of my five a day with each meal. And anyway, it's supposed to be seven
or nine, isn't it? Something like that. Oh, I see, the US did that one. The UK recommends five a day.
Not anymore. Not anymore? Really? I think they're recommending more now.
And I know you're going to look it up in a minute. I will do. I will wait, um, you know, until someone
else is talking. Exactly that. But, um, yeah, talking to someone else talking, Tom, what are you, you take
over. That was quite lame, actually, in fairness. Do you know why it's always a struggle when we record late at the end of the week?
Because everyone's sort of on the decline.
We're ready to go down.
It's like, look, the weekend is in sight.
Work is done for the day.
Yeah, and then we've got to do this f***ing thing.
Exactly.
Although I do appreciate you guys not going ahead and recording the 204th episode without me.
Yeah, despite the fact that Jav was, like, absolutely lobbying for it. I was pushing for it. It was a
milestone one. And whilst I felt it was important, you know, that it would be good to have someone
not completely disagree with my numbering of this podcast, I did think it was a little bit unfair,
you know. Jav, however, you know, utter bastard, he was all for it. Oh, ditch and split. Absolutely
no loyalty, that one. Exactly. Tom was just too sentimental in his old age. I am, I am a sentimental
man, you know. It's like, at least and Andy to say something nice at his funeral.
Yeah, yeah.
You get to the twilight of your years and you look back
and I look at you two and I'll remember you both as just people I once knew,
but I just always think, you know,
you've got to sort of look back fondly at these times, you know?
And, I mean, I know we can't see it on the podcast,
but just to see Andy's smiling little face right now,
it makes all the difference.
It makes all the difference.
You know, it's a static image.
Yeah, exactly.
But talking of all the differences,
shall we see what we've got coming up for you today?
This week in InfoSec is an illegal game of whiff-waff
before even Bojo thought of it.
Rant of the Week is the stuff of nightmares
for any records management professional.
Billy Big Balls is a story about people doing the bare minimum.
Industry News is the latest and greatest news stories
from around the world.
And tweet of the week is a dish best served cold.
Okay, so let's move on, shall we,
to our favourite part of the show.
It's the part of the show that we like to call...
This Week in InfoSec.
It is that part of the show where we take a trip down InfoSec memory lane with content
liberated from the Today in InfoSec Twitter account. And our first story takes us back a mere 34 years to the 29th of August 1990,
when the UK's Computer Misuse Act of 1990 went into effect, introducing three criminal offences
related to unauthorised access and modification of computer material. And so what's interesting about this is the Computer Misuse Act of 1990
was introduced into UK law after two hackers obtained,
without the person's knowledge, the username and password
of an IT engineer who worked for a large telephone company.
And those two hackers then remotely logged into the IT engineer's account
and to their surprise, they were able to access the mailbox of Prince Philip.
So the police were notified and the hackers were arrested.
The two hackers were convicted under the Forgery and Counterfeiting Act of 1981.
But the hackers claimed their actions were not for financial gain.
They just simply wanted to demonstrate they could hack the system.
So on appeal, their convictions were overturned as it could not be said that they committed forgery under the legislation.
And thus the Computer Misuse Act of 1990 was created to deal with the issue of accessing or modifying data without permission.
It's all down to those damn fuzzy wuzzies and
Prince Philip.
And obviously a good
legal team. You can't... Oh yeah, them
too. Your life can just
be so much better with good legal support.
Apparently so. Apparently so.
But alas, our
second story takes us back a
mere 25
years.
It doesn't seem that long ago.
To the 27th of August, 1999,
when one of the first companies to offer a dedicated web application firewall,
or a WAF, was Perfecto Technologies with its AppShield product.
But it didn't use the terminology WAF. Instead they described it as a plug and play
internet application security solution.
That rolls off the tongue.
Indeed. You know, marketing will probably have a word about that.
Yeah. So AppShield, launched in '99 by Perfecto Technologies, which then
later turned into Sanctum, was the pioneering application firewall designed to protect code and data from malicious attacks.
So AppShield was the first product to inspect incoming HTTP requests
and dynamically block threats based on an analysis of outgoing HTML pages.
And it was this innovative approach provided a robust isolation of application registers and address space,
making it difficult for rootkits to access protected memory.
You should work for their marketing team.
Yeah.
Well,
do you know what I would do?
Because it would be great.
But despite their groundbreaking technology,
they struggled in the market.
So they were ultimately acquired by F5 Networks
in 2004, or certainly the
AppShield IP
was, and F5
discontinued the
technology. But we
still have WAFs today, right?
We do, but they just took that particular
WAF out of the market.
That was like a personal
WAF, right?
No, it was Enterprise.
Enterprise, really.
Yeah, no, they just took it out.
Oh, right.
You know what I was thinking?
I was thinking of Zone Alarm.
Oh, yeah.
I remember those ones.
Zone Alarm. Oh, wasn't that that charlatan dude?
No.
Oh, no.
Shields Up, I'm thinking of.
He's not a charlatan.
No, he's not a charlatan.
Wasn't he?
I think he's on the list, though.
Gibson.
Yeah, Gibson.
I think he's on the list.
Gibson Research.
GRC.
Yeah.
A lot of people are on that list who don't deserve to be on that list, honestly.
Yeah, Gregory D. Evans was a stitcher.
Jeff's on the list.
Quick aside.
I remember when I first read that list, I thought, I thought, oh, I don't want to become well
known in this industry, I might end up on that list. Yeah, like, yeah, you've got to really screw
up to be on that list, though. I don't know. I think, you know, to Jav's point, I think last time I saw
the list there were quite a few names I thought, oh, oh, that's, yeah,
who's the big
catch me if you can guy?
Frank Abagnale.
He's on the list.
Yeah.
Oh,
interesting.
Interesting.
Why is he on the list?
Well,
I'm going to have a look
at that after the show,
actually.
Errata.org?
Attrition.org,
Errata.
Yeah.
Yeah.
That's the one. That's the one.
That's the one.
Excellent.
All right.
Well, before we segue too far, that was this week's...
This Week in InfoSec.
If you work hard, research stories with diligence,
and deliver well-edited, award-winning, studio-quality content
for high-paying sponsors.
Then you too can be usurped by three idiots who know how to think on their feet.
You're listening to the award-winning Host Unknown podcast.
Okay, let's quickly move on because we're all rapidly running out of energy here.
It's time for...
Listen up!
Rant of the Week.
It's time for Mother F***ing Rage.
Right, this is a story about the FBI.
Guys, come on.
Every time.
Every time you say that word, you do that.
And then when I come to say it, you don't.
Come on.
This is like a dad trying to be cool with the kids,
like trying to use the lingo and everything.
What, and you two being the kids?
Please.
Well, there's a generational gap here.
One's got the same amount of hair as me,
and the other one's got the same amount of grey hair as me.
Anyway, this is a story about the FBI.
Hi.
Thank you.
Who, as we know, is a law enforcement agency.
They gather evidence of all sorts of stuff,
but certainly electronic devices and records and things like that.
But it turns out that they're actually a bit crap at this sort of thing.
So it's been ascertained that they've made some serious slip-ups in how it processes and destroys electronic storage media that has been seized as part of their investigations. And this is not just by, you know, just some random third party. This is by the Department of Justice
Office of the Inspector General, which, um, well, I have no idea who they are, but they sound like they're important. They sound like the OIG or the SPG,
something like that. I'm not sure. Um, so that hard drives that contain national security data,
foreign intelligence surveillance data and documents classified as secret were routinely unlabelled
and left in containers that were unsealed,
giving it the potential to be either lost or stolen, the report said.
And there is a link in the show notes to the actual PDF.
It found boxes of these hard drives and removable storage sitting open and unattended for days or even weeks because they were only sealed once the boxes were full, which is appalling.
So they went to this facility, they're thrown in a box, and then when the box is full, then they're sealed and catalogued.
Now, correct me if I'm wrong here, but surely chain of custody exists
from the moment you get hold of the item
to the moment it's destroyed or handed off to a final destination, right?
Surely this would break the chain of custody.
Well, so it depends on, I mean, everything you're saying so far,
all I'm hearing is good capacity management.
They are not wasting space.
They're not wasting space with these national secrets.
Exactly.
So one thing I learned from one of my boys over at TikTok, and he knows one
I'm talking about, he couldn't tell me a secret about how the FBI operates. Yeah, and actually
what happens is the FBI, they don't just come knocking at your door on a whim. They actively
collect data on you for months, if not years, until it's irrefutable. And then, uh, so this
stuff is just like side missions for them. All this stuff, they've actually got you hook, line and
sinker already. So it's probably not, this is that data. No, it's not that data. Probably not. Probably
they, they got people to confess anyway, like, you know. But that's not the point.
This data is supposed to remain secure. National security data, foreign intelligence surveillance
data. Well, this is the kind of stuff that Trump takes home and leaves on his kitchen table, isn't
Well, maybe they're taking out the guys. But, but this is stored in a facility that's accessed by nearly 400 staff, including contractors, right?
Contractors who, as we've seen, given that there's been a recent case of a Chinese national being arrested for spying because they've been passing data on.
This stuff is not being secured.
Now, the FBI actually agreed with the report.
Get this.
And they said, OK, what we'll do.
And there's pictures, there's photos in the in the in the link here of of these cardboard boxes on storage shelves,
which are waiting to be filled before they're sealed. Right.
But they said, OK, what we're going to do is the FBI said we're going to install wire cages to lock this media away.
So rather than having it open, it's going to be behind a wire cage.
So not everybody of these, not all of these 400 people have got access to it.
And in December, so this was December last year, the Bureau said it would also install video surveillance systems.
They don't even have video
surveillance on this stuff. The FBI, who surveil fucking everybody, are not surveilling their own
staff around national security data. National, your own supply. So I wonder what goes on. Exactly.
That's, so they said this in December. As of, of June this year, it was still processing
the paperwork to do this work.
well you know how long it takes
to get quotes and find the right builder
to put a fucking
cage around something
you know like have you ever tried
getting bushes trimmed in your garden
don't be silly
nobody can afford to get someone to just come in and trim bushes.
I mean, you've got to be rolling in money to do that, haven't you?
I can get a guy to cut hedges in 48 hours.
Trim your own bushes, for goodness sake.
Who would do that?
Anyway, this is freaking outrageous. Absolutely outrageous.
The spokesperson said the FBI appreciates the Office of Inspector General's review of the site
and has completed security enhancements and procedural changes. Apparently. Really? Really. In, has identified zero incidents of site compromise,
just, or zero incidents of access by unauthorized personnel. That doesn't mean it hasn't gone.
They just haven't found any of the incidents. The report says it's not possible to identify
if theft occurs. Exactly. They haven't been able to identify any evidence of theft.
Right.
Checked out.
See, what would really need to happen is the last 10 years' worth of cases
need to be thrown out by a judge due to potentially tampered evidence.
Yeah.
That would get them to fix it really quickly.
Precisely.
But until it actually has a material
impact or anything, they've got no reason to fix it. But there's some savvy lawyer going, there's a
good chance some of, some of the data, some of the evidence that's being used against my client is in
one of these, what, one of these bins. Maybe it's been compromised. Maybe you're gonna have to prove what that
compromise was. That maybe might even delay that, but it might delay the, uh, court case for,
for a number of years. Who knows? I mean, it's worked for Trump, right?
True. So anyway, bloody outrageous. Don't you dare say otherwise, Jav.
Otherwise.
Rant of the Week.
Feeling overloaded with actionable information?
Fed up receiving well-researched, factual security content?
Yes!
Ask your doctor if the
Host Unknown podcast is right
for you.
Always read the label. Never double dose on episodes.
Side effects may include nausea, eye rolling
and involuntary swearing in anger.
Alright, Jav. Over to you, matey.
So, you know, you hear a lot about these deadbeat dads who don't want to pay child support, or they miss payments and they don't want to do anything. And, you know, they, they're very tricky
people. They sometimes, like, you know, skip town or become prime ministers of UK. Yeah, exactly,
stuff like that. Well, one, uh, such gentleman, Jesse Kipf, 39, um, he used the credentials of a physician
to access Hawaii's Death Registry System and created a case that
recorded his own death. He then completed a State of Hawaii Death Certificate Worksheet, assigned
himself as a medical certifier for the case and certified his death using the digital signature
of the doctor. The paperwork was all correct, so many government databases listed him
as deceased. All this to get out of paying child support money. You have to admire that.
You have to admire that he had chops on the guy. I know, I know. Now, he would have gotten away with it had he not,
you know, not returned home and just continued his life. Well, so I kept his Facebook account alive.
No, but he wasn't satisfied with faking his own death. He stole other credentials and used them
to access other state
death registries, private business networks, and government and corporate networks.
He then tried to sell access to these networks to potential buyers on the dark net. Uh, he admitted
to these attacks, um, well, these acts, sorry, and, uh, he should go away for about five years.
And once he's back, he is due to pay about $195,000 in child support payments and the cost of damages.
This is the story of a man who can't even do the bare minimum for his own children.
Sheesh.
That's right.
And the bare minimum is not much.
At this point, he would have been better off just like offing himself for real.
Wow.
That's harsh, Jav.
Yeah.
But I think, I mean, financially speaking, it would have been a better choice for him.
Well, yes.
Yes.
Yes.
But actually, about five, six, 2015.
What was that?
A mere nine years ago.
Wow.
Are you going to talk about the canoe guy?
No.
There was a talk at DEF CON by a guy called Chris Rock.
He's a white, he's not a black comedian.
He's a white Australian guy.
And he done a talk called I Can Kill You, and he spoke about pretty much this process, but without,
uh, stealing credentials. He said you could register yourself as an undertaker and there's no real
checks, and there's a base on that you can submit the forms and then there's very little checking
done, and then you could basically list anyone as deceased. And you need a coroner though, don't you? You can't just go to
an undertaker's and say, right, I don't know, I've got this dead body. Is this in the US or in the UK?
Probably the US. In the, in Australia. Oh, in Australia. Okay. I think we've got, we've got a
bit more governance around the process over here. Australia, it's a really used to the old pirate law. Yeah, stick them outside and let them
boil in the sun, mate.
but I'll send you
the link because it's a really good talk
it's worth listening to
because apparently there's
also a case in the US where someone
was accidentally declared as dead
because their names were matching someone
else on the same date of birth
and he was in
court trying to prove that he was alive and the judge said like you're alive I can clearly see
you're alive but there's no law that I can use to undead you so it was a real mess um so so it's
it's it's quite a messy thing but anyway I think it's a pretty ballsy move to declare yourself dead
and think that you can still carry on living a normal life.
Do you know what?
Funnily enough, on that last bit you just said,
my son wrote an award-winning screenplay
about just that happening.
About what?
About someone being accidentally shown to be dead
just because of a misspelling or something on a
certificate, and him, this person, then going to, trying to fight the bureaucracy to sort of say,
I'm not dead. Well, would you mind just being dead? Because, you know, paperwork. Uh, you know, that, that
sort of thing. So yeah, it's very, very interesting. So I, I'm intrigued. Are you saying he's a Billy
Big Balls because he tried to avoid paying
child's maintenance?
That is not what I'm saying.
Or is he a Billy Big Balls
because he,
because he's sired so many
children with his
said Big Balls and therefore
needed to avoid making the payments?
Let's go with that one.
Let's just go with
option two. Even you couldn't defend this one.
Billy Big Balls of the Week.
The Host Unknown Podcast. Orally delivering the warm and fuzzy feeling you get when you pee yourself.
Indeed, indeed. And talking of, uh, time for some, uh, serious waste products, what time is it, Andy?
it is that time of the show where we head over to our news sources over at the InfoSec
PA Newswire who have been very busy bringing us the latest and greatest security news from around
the globe. Industry news. Uber hit with 290 million euro GDPR fine. Industry news.
FBI flawed data handling raises security concerns.
Industry news.
Microsoft 365 co-pilot vulnerability exposes user data risks.
Industry news.
Money laundering dominates UK fraud cases.
Industry news.
Ransomware attacks expose 6.7 million records in US schools.
Industry news.
IT engineer charged for attempting to extort former employer.
Industry news.
Surge in new scams as pig butchering dominates.
Industry news.
Unpatched CCTV cameras exploited to spread Mirai variant.
North Korean hackers launch new wave of NPM package attacks.
And that was this week's Industry News.
Huge if true.
Huge, huge if true.
I'm surprised about Uber.
Are you saying that Uber
may have practiced,
have some practice in the grey
area, operated in the grey area?
Well, you know, I mean... Many of their governance.
Yeah, maybe.
I mean, it's not like they've got form, so I guess it is a little bit of a surprise. But, uh, so Uber's facing a massive GDPR
fine after the Dutch regulator claimed it violated the regulation by storing driver data in the US
without adequate safeguards. Oh, so that Privacy Shield's not doing any good. Yeah, I know. Christ. And they,
do you know, ever since the Privacy Shield thing, is something like the third attempt at getting
it right again, isn't it? Yeah, it's the same guy that keeps challenging it. Yeah, proving it's, uh,
I'm proving it's crap. Yeah. But, oh man. Really? Well, like, it's like their ex-CISO,
like the guy that got done for the...
Yeah.
For turning a hack into a bug bounty.
Yeah, yeah, yeah.
Retrospectively turning a breach into a bug bounty.
Yeah, he's now on the media circuit a bit,
like giving his commentary and advising CISOs on, like, you know...
On what not to do.
Yeah, and CISOs need more protection and what have you.
Yeah.
Maybe CISOs shouldn't do shady shit.
Yeah, where was it?
Because it all came up, I remember he was a talking head
when they talked about CISOs should face personal liability.
Yes.
Much like they do in the financial sector as a responsible person.
I think you can if you're in a regulated environment, if you as a CSO, yeah, if you're part of the accountable people, the account, one of the accountable people. But that's
because of a separate legislation, not because you are a CSO. Yeah, no, absolutely. Um, so I'm confused,
like we've got two stories here
where we're talking about
money laundering dominating
UK fraud cases,
but then the surge in
new scams,
pig butchering dominates.
Maybe pig butchering
dominates the surge,
but it's still fraud.
Online fraudsters are rapidly
adapting their activities
to run more impactful...
I don't know.
There's too much to read here.
Jesus.
Pig butchering.
Do you trust...
Do you trust Blockchain Investigation for Chainalysis
because they said that it's pig butchering dominates
or do you trust KPMG more?
KPMG.
Who like, you know, clearly have no,
what do you call it?
They have no skin in the game.
No, read down.
Read down.
Oh, wait.
Read down on the KPMG one.
They are quoting the Chainalysis report.
You heard it here first, folks.
This is why you pay the big consultancies,
because they can reinterpret your data for you.
Wow.
And it's not like they've got any vested interest in banking
or money laundering in that regard.
It's not like they do any accountancy or anything.
Yeah, but do you trust a company called Chainalysis?
No, not as far as I can throw.
I mean, come on.
That's even wankier than your average consultancy firm.
Yeah.
Can you give me some examples of wanky consultancy firms?
No.
Any of the boutique ones.
Any of the boutique ones.
McKinsey?
I don't know.
Could be.
Do you reckon we could get one of our own research papers published
by the InfoSec Stig or our news sources over at the InfoSec PA Newswire?
Because I've never heard of Chainalysis,
and occasionally we see these reports from companies I've never heard of.
Let's do it.
Actually, you know, Tom, we didn't really push our report
as much as we could have,
like the artificial seesaws.
Oh, that's right.
That's right.
Maybe we should have done that.
Well, actually, I do remember
it was a little busy at the time
because that was straight after COVID,
wasn't it?
Or that was just before COVID
or during COVID.
Because I think we went to,
that was the last time
we were both in San Francisco.
Yeah, that's right.
Oh, like when the rest of the world is going into lockdown,
and you went to a super spreader event.
Yeah.
It was fine. We were fine. Thank you for asking.
Yes, yes.
It was really funny because I was out there,
and then I saw all these people wearing masks, like out on the streets.
And I thought, oh, you know, a lot of...
Is it Halloween?
Yeah.
You thought a lot of
people from Asia, they wear masks anyway, like, you know, you see the Japanese wearing them on the
other. So I thought it was just that. And at that time I was just like,
we were, you know, blissfully ignorant of, of what, Johnson said it wasn't real, so it's not real.
No, it wasn't. No, no. I mean, just, like, tell that to all the people
who lost all their...
so many loved ones and elderly.
Well, yeah, exactly.
Let's not go down that rabbit hole.
No.
No.
No.
So anyway, to the point,
can we get something public?
Can you update that report
and then we push it out
and see if it gets quoted?
Well, should we just make something up?
Yeah, why not?
You know, there was that guy see if it gets quoted well should we just make something up yeah why not you know you know there
was that guy who once interviewed with the he had a wikipedia page himself i can't remember who it
was but he he managed to score an interview with the new york times and in that he he told the
report that he was the one, the foremost expert in X.
And that's what the reporter led with.
And then he went and updated his Wikipedia page to say,
New York Times has quoted me as being the foremost expert on X.
And that's all we need to do.
We just need to set this little snowball in motion.
Chicken and egg.
Absolutely. Absolutely.
Absolutely.
Anything else here to look at?
I'm not looking at NPM packages, so, like, you know, no.
NPM packages?
Isn't that Linux?
Yeah, I'm not looking at that. NPM,
no,
I mean,
I'm looking at the
CC,
just patch your
systems,
people.
Yeah,
it's the same
story.
We're just looking
at different
variants of
different groups
hacking systems
because people
didn't patch.
Patch your
systems and
remember to
enunciate.
Mariant,
yes.
Mariant.
All right, let's move on. That was this week's
Industry News. You're listening to the double award-winning Host Unknown podcast.
All right, Andy, take us home with this week's... Tweet of the Week.
And we always play that one twice.
Tweet of the Week.
And this week's Tweet of the Week was submitted by one of you two
because I was not around this morning when this part was inserted.
And it is from Fesshole.
Yay!
And the person says,
a work colleague didn't invite me to a night out he'd organised
despite nearly everyone else at work being invited.
He claims he forgot, but I know he doesn't like me.
When I became his manager and I was told I had to make savings,
I forgot to renew his contract.
How do you like them apples? I love it. The level of pettiness I aspire to. Yeah, well, being, just being petty because
someone you don't like doesn't invite you to their party. Yeah, I know. I probably wouldn't
have turned up anyway. I would say, thank you for not inviting me. I don't like you, you don't like me,
what's the problem here? But no,
someone had to take it a step further
exactly
oh man
excellent, thank you Andy
for this week's
tweet of the week
well we've hit
the end of the show, we've kept it
well we've kept it quite tight, really, this week.
Not bad.
It's a little gift for everybody on their 200th episode.
Because, let's face it, you don't really have time to listen to us dawdle on like this all the time.
Andy, thank you very much.
Stay secure, my friend.
And Jav, thank you.
Yeah, whatever.
Stealing my lines, stealing my best jokes, everything.
Just try to get some originality, you two.
Stay secure.
You've been listening to The Host Unknown Podcast.
If you enjoyed what you heard, comment and subscribe.
If you hated it, please leave your
best insults on our Reddit channel. Worst episode ever. r slash Smashing Security.
Are we out? Did we make it to 200? We got so many things that we used to do in the old days it never
survived. Remember the little people?
Yeah. We should bring that back.
You know what? People just won't
be too sensitive these days.
But also, which one of us
is going to go out and interview the little people?
Well, it's been a long time since your mum
has submitted anything.
Alright, you email them to phone it in then.
Do everything around it, don't I?